Name Resolution in Windows 2000

Name resolution, a critical function in any TCP/IP environment, lets users establish network connections using machine names (which shouldn’t change and are easy to remember) instead of IP addresses (which can change often in a DHCP environment and are difficult to remember). WINS provides a database that stores dynamic registrations for machines’ NetBIOS names and IP addresses. Each system queries this database when you use a NetBIOS name to connect to a machine—for example, if you choose a machine name from a browse list or use a machine's NetBIOS name in a Universal Naming Convention (UNC) path (e.g., \\machine_name).

DNS or WINS? Because DNS and WINS both provide name resolution, the first question you must address is whether you need both in a Windows 2000 Active Directory (AD) environment. DNS is required in an AD environment, so that's a given. Although you can configure DNS to resolve names and locate services on your network (e.g., when a Win2K Professional machine boots up and tries to locate a domain controller—DC), you will probably still need to rely on WINS to support legacy applications and Windows NT and Windows 9x clients. All previous versions of Windows, including the NT 4.0 and Win9x platforms, use NetBIOS to identify and locate machines and network services on a network. A machine name can be up to 15 characters long, although NetBIOS names can be up to 16 bytes long—the first 15 bytes are reserved for the user-specified name, and Windows uses the 16th byte to specify the service that the machine provides on the network.

So, if most networks will continue to require WINS, why did Microsoft prefer to use DNS to resolve names and locate services in Win2K? One reason is the additional capabilities you get when you integrate DNS and AD. DNS lets AD incorporate site information so that clients can locate a DC on the local subnet to authenticate logon requests. Also, with dynamic updates, you no longer have to build the DNS database manually, and the database is better suited to a DHCP environment.

Another reason that Microsoft is pushing DNS is because of WINS and NetBIOS naming limitations. The NetBIOS namespace is a flat namespace that only lets you use machine names once. In a large enterprise environment, these limitations can make for a large WINS database that you must distribute to multiple servers for load balancing and fault tolerance. When a NetBIOS machine boots, it sends its name resolution to the first WINS server (called its primary WINS server) and sends all subsequent name resolution requests to the same WINS server. The only time a client registers or queries a server other than its primary server is when the primary server isn't available. In such instances, the client turns to other servers.

When a WINS server receives a name resolution request, it checks its local WINS database for a matching entry; it doesn't pass the request to another WINS server on the network that might be able to resolve the query. Because of this limitation, each WINS server must contain an entry for each NetBIOS machine on your network, or name resolution might fail. If the clients will be registering with different WINS servers for load balancing, you have to configure the WINS servers to replicate their databases to one another, as I mentioned earlier. If this scenario is beginning to sound a little tricky, then you're starting to understand some of the scalability issues. DNS's use of a hierarchical namespace makes it more scalable and ultimately more manageable than WINS. DNS, after all, has supported the growth of the Internet.

WINS and DHCP Interoperability Because most of you will have to continue to support both WINS and DNS, your best bet is to configure them to work together to perform name resolution. To do so, add WINS Resource Records (RRs) to your forward lookup zones and WINS-R RRs to your reverse lookup zones on your DNS servers. Open the Microsoft Management Console (MMC) DNS Manager snap-in, right-click the zone, choose either the WINS or WINS-R tab, and enter the IP addresses of your WINS servers. The DNS server will then forward any unresolved queries to a WINS server for a final resolution attempt.

You might not be excited about having to support multiple name resolution services on your Microsoft networks, but the good news is that Microsoft has made several improvements to WINS in Win2K. In my next column, I'll detail some of the improvements and show you how to implement them.